San Francisco-based password management service OneLogin has fallen victim to a security breach, according to a blog post earlier this week from Alvaro Hoyos, the company's chief information security officer.

More than 12 million people utilize OneLogin - Yelp, AAA, Dell, Pandora and Pinterest are among its 2,000 clients. The company has more than 300 app vendors and 70 software-as-a-service providers.

It's unclear how many people were affected by the cyberattack - hackers may have also been able to decrypt users' personal data.

"The threat actor was able to access database tables that contain information about users, apps, and various types of keys," Hoyos explained. "While we encrypt certain sensitive data at rest, at this time we cannot rule out the possibility that the threat actor also obtained the ability to decrypt data. We are thus erring on the side of caution and recommending actions our customers should take."

The breach affects all customers "in the U.S. data region," but it's unclear how long the sensitive information was available.

OneLogin allows registered users to access multiple apps or sites with a single password. Services like Microsoft Office 365, Google Analytics, LinkedIn, Cisco Webex and Amazon Web are integrated with the cloud-based company.

"OneLogin’s investigation is ongoing, and is aided by independent third-party security experts, as well as law enforcement," Hoyos said.

Anyone who uses the password manager to access Yelp, LinkedIn, Pandora, Pinterest or any OneLogin-enabled company is advised to change his or her private information.